The Xerces-C XML parser mishandles certain kinds of malformed input
documents, resulting in a segmentation fault during a parse operation.
The bug does not appear to allow for remote code execution, but is a
denial of service attack that in many applications may allow for an
unauthenticated attacker to supply malformed input and cause a crash.